package personal.emailsender.shared.util;

import com.google.gwt.safehtml.shared.SafeHtml;
import com.google.gwt.safehtml.shared.SimpleHtmlSanitizer;

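/**
 * Static helpers for neutralising HTML in user-supplied e-mail content.
 *
 * <p>{@link #scrubber(String)} keeps a small set of formatting tags;
 * {@link #escapeHtml(String)} keeps no markup at all.
 */
public final class HtmlUtil {

	private HtmlUtil() {}

	/**
	 * Scrubs user-supplied HTML by passing it through {@link SimpleHtmlSanitizer},
	 * which keeps only its whitelist of attribute-free formatting tags and
	 * escapes everything else.
	 *
	 * <p>The result is meant for insertion as HTML element content. It is not an
	 * encoder for attribute values, script blocks or URLs.
	 *
	 * @param contentFromUser untrusted HTML text; may be {@code null}
	 * @return the sanitized HTML, or {@code null} when the input is {@code null}
	 */
	public static String scrubber(String contentFromUser) {
		// Return null as-is, matching escapeHtml, instead of passing it to
		// the sanitizer.
		if (contentFromUser == null) {
			return null;
		}
		SafeHtml sanitized = SimpleHtmlSanitizer.sanitizeHtml(contentFromUser);
		return sanitized.asString();
	}

	/**
	 * Escapes every HTML metacharacter so that no markup survives. Use this for
	 * fields that must never carry HTML, such as subject or sender.
	 *
	 * <p>Both quote characters are escaped as well as {@code &}, {@code <} and
	 * {@code >}, so the result cannot break out of a quoted attribute value. It
	 * is still not an encoder for script or URL contexts.
	 *
	 * @param html untrusted text; may be {@code null}
	 * @return the escaped text, or {@code null} when the input is {@code null}
	 */
	public static String escapeHtml(String html) {
		if (html == null) {
			return null;
		}
		// '&' must be replaced first, otherwise the ampersands introduced by
		// the later replacements would be escaped a second time.
		// String.replace is literal, so no regex is compiled for these
		// single-character substitutions.
		return html.replace("&", "&amp;")
				.replace("<", "&lt;")
				.replace(">", "&gt;")
				.replace("\"", "&quot;")
				.replace("'", "&#39;");
	}
}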
